Vendors
-
U.S. charges former DigitalMint negotiator in scheme linked to BlackCat ransomware
The Department of Justice charged Angelo Martino, a former DigitalMint ransomware negotiator, with one count of conspiracy to interfere with interstate commerce by extortion after his March 10 surrender. Allegations include sharing negotiation details with BlackCat.
-
Threat actors using modified AuraInspector to mass-scan Salesforce Experience Cloud sites
Salesforce warned that attackers are using a modified AuraInspector to mass-scan public Experience Cloud sites and extract data from overly permissive guest user profiles. Customers should review guest settings and restrict external object access.
-
CISA adds three vulnerabilities to Known Exploited Vulnerabilities catalog and sets federal patch dates
CISA added three vulnerabilities to its Known Exploited Vulnerabilities catalog on Monday, covering Workspace One UEM, SolarWinds Web Help Desk, and Endpoint Manager. Federal civilian agencies must apply fixes by mid- and late March.
-
Ericsson US discloses data breach after service provider hack
Ericsson Inc. notified individuals that attackers stole employee and customer data after a service provider was hacked. The provider detected the incident in April 2025. Texas filings list 4,377 affected.
-
CISA adds two critical Hikvision and Rockwell vulnerabilities to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency added two critical vulnerabilities, CVE-2017-7921 and CVE-2021-22681, affecting Hikvision and Rockwell products, to its Known Exploited Vulnerabilities catalog. Both are rated CVSS 9.8.
-
Microsoft warns OAuth redirect abuse used to deliver malware to government targets
Microsoft warned that phishing campaigns are abusing OAuth redirect features to deliver malware to government and public sector targets, using malicious OAuth apps, ZIP payloads, PowerShell and DLL sideloading. Organizations are advised to limit consent and review app permissions.
-
Drone strikes damage AWS data centers in UAE and Bahrain
Drone strikes damaged three AWS facilities in the UAE and one in Bahrain, causing outages that affect dozens of cloud services. Structural, power and water damage were reported and recovery work is under way.
-
Google issues patches for 129 Android flaws including actively exploited Qualcomm zero day
Google released updates that fix 129 Android vulnerabilities, including an actively exploited zero day in a Qualcomm display component. The bulletin adds two March patch levels and addresses 10 critical flaws that can enable remote code execution.
-
Patched Chrome flaw allowed malicious extensions to hijack Gemini panel
A Unit 42 technical analysis found CVE-2026-0628 could let malicious Chrome extensions inject code into the Gemini panel and access camera, microphone, screenshots, and local files. Google patched the issue in early January 2026.








